1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * 4 * Procedures for interfacing to the RTAS on CHRP machines. 5 * 6 * Peter Bergner, IBM March 2001. 7 * Copyright (C) 2001 IBM. 8 */ 9 10 #include <linux/stdarg.h> 11 #include <linux/kernel.h> 12 #include <linux/types.h> 13 #include <linux/spinlock.h> 14 #include <linux/export.h> 15 #include <linux/init.h> 16 #include <linux/capability.h> 17 #include <linux/delay.h> 18 #include <linux/cpu.h> 19 #include <linux/sched.h> 20 #include <linux/smp.h> 21 #include <linux/completion.h> 22 #include <linux/cpumask.h> 23 #include <linux/memblock.h> 24 #include <linux/slab.h> 25 #include <linux/reboot.h> 26 #include <linux/syscalls.h> 27 28 #include <asm/interrupt.h> 29 #include <asm/prom.h> 30 #include <asm/rtas.h> 31 #include <asm/hvcall.h> 32 #include <asm/machdep.h> 33 #include <asm/firmware.h> 34 #include <asm/page.h> 35 #include <asm/param.h> 36 #include <asm/delay.h> 37 #include <linux/uaccess.h> 38 #include <asm/udbg.h> 39 #include <asm/syscalls.h> 40 #include <asm/smp.h> 41 #include <linux/atomic.h> 42 #include <asm/time.h> 43 #include <asm/mmu.h> 44 #include <asm/topology.h> 45 #include <asm/paca.h> 46 47 /* This is here deliberately so it's only used in this file */ 48 void enter_rtas(unsigned long); 49 50 static inline void do_enter_rtas(unsigned long args) 51 { 52 enter_rtas(args); 53 54 srr_regs_clobbered(); /* rtas uses SRRs, invalidate */ 55 } 56 57 struct rtas_t rtas = { 58 .lock = __ARCH_SPIN_LOCK_UNLOCKED 59 }; 60 EXPORT_SYMBOL(rtas); 61 62 DEFINE_SPINLOCK(rtas_data_buf_lock); 63 EXPORT_SYMBOL(rtas_data_buf_lock); 64 65 char rtas_data_buf[RTAS_DATA_BUF_SIZE] __cacheline_aligned; 66 EXPORT_SYMBOL(rtas_data_buf); 67 68 unsigned long rtas_rmo_buf; 69 70 /* 71 * If non-NULL, this gets called when the kernel terminates. 72 * This is done like this so rtas_flash can be a module. 73 */ 74 void (*rtas_flash_term_hook)(int); 75 EXPORT_SYMBOL(rtas_flash_term_hook); 76 77 /* RTAS use home made raw locking instead of spin_lock_irqsave 78 * because those can be called from within really nasty contexts 79 * such as having the timebase stopped which would lockup with 80 * normal locks and spinlock debugging enabled 81 */ 82 static unsigned long lock_rtas(void) 83 { 84 unsigned long flags; 85 86 local_irq_save(flags); 87 preempt_disable(); 88 arch_spin_lock(&rtas.lock); 89 return flags; 90 } 91 92 static void unlock_rtas(unsigned long flags) 93 { 94 arch_spin_unlock(&rtas.lock); 95 local_irq_restore(flags); 96 preempt_enable(); 97 } 98 99 /* 100 * call_rtas_display_status and call_rtas_display_status_delay 101 * are designed only for very early low-level debugging, which 102 * is why the token is hard-coded to 10. 103 */ 104 static void call_rtas_display_status(unsigned char c) 105 { 106 unsigned long s; 107 108 if (!rtas.base) 109 return; 110 111 s = lock_rtas(); 112 rtas_call_unlocked(&rtas.args, 10, 1, 1, NULL, c); 113 unlock_rtas(s); 114 } 115 116 static void call_rtas_display_status_delay(char c) 117 { 118 static int pending_newline = 0; /* did last write end with unprinted newline? */ 119 static int width = 16; 120 121 if (c == '\n') { 122 while (width-- > 0) 123 call_rtas_display_status(' '); 124 width = 16; 125 mdelay(500); 126 pending_newline = 1; 127 } else { 128 if (pending_newline) { 129 call_rtas_display_status('\r'); 130 call_rtas_display_status('\n'); 131 } 132 pending_newline = 0; 133 if (width--) { 134 call_rtas_display_status(c); 135 udelay(10000); 136 } 137 } 138 } 139 140 void __init udbg_init_rtas_panel(void) 141 { 142 udbg_putc = call_rtas_display_status_delay; 143 } 144 145 #ifdef CONFIG_UDBG_RTAS_CONSOLE 146 147 /* If you think you're dying before early_init_dt_scan_rtas() does its 148 * work, you can hard code the token values for your firmware here and 149 * hardcode rtas.base/entry etc. 150 */ 151 static unsigned int rtas_putchar_token = RTAS_UNKNOWN_SERVICE; 152 static unsigned int rtas_getchar_token = RTAS_UNKNOWN_SERVICE; 153 154 static void udbg_rtascon_putc(char c) 155 { 156 int tries; 157 158 if (!rtas.base) 159 return; 160 161 /* Add CRs before LFs */ 162 if (c == '\n') 163 udbg_rtascon_putc('\r'); 164 165 /* if there is more than one character to be displayed, wait a bit */ 166 for (tries = 0; tries < 16; tries++) { 167 if (rtas_call(rtas_putchar_token, 1, 1, NULL, c) == 0) 168 break; 169 udelay(1000); 170 } 171 } 172 173 static int udbg_rtascon_getc_poll(void) 174 { 175 int c; 176 177 if (!rtas.base) 178 return -1; 179 180 if (rtas_call(rtas_getchar_token, 0, 2, &c)) 181 return -1; 182 183 return c; 184 } 185 186 static int udbg_rtascon_getc(void) 187 { 188 int c; 189 190 while ((c = udbg_rtascon_getc_poll()) == -1) 191 ; 192 193 return c; 194 } 195 196 197 void __init udbg_init_rtas_console(void) 198 { 199 udbg_putc = udbg_rtascon_putc; 200 udbg_getc = udbg_rtascon_getc; 201 udbg_getc_poll = udbg_rtascon_getc_poll; 202 } 203 #endif /* CONFIG_UDBG_RTAS_CONSOLE */ 204 205 void rtas_progress(char *s, unsigned short hex) 206 { 207 struct device_node *root; 208 int width; 209 const __be32 *p; 210 char *os; 211 static int display_character, set_indicator; 212 static int display_width, display_lines, form_feed; 213 static const int *row_width; 214 static DEFINE_SPINLOCK(progress_lock); 215 static int current_line; 216 static int pending_newline = 0; /* did last write end with unprinted newline? */ 217 218 if (!rtas.base) 219 return; 220 221 if (display_width == 0) { 222 display_width = 0x10; 223 if ((root = of_find_node_by_path("/rtas"))) { 224 if ((p = of_get_property(root, 225 "ibm,display-line-length", NULL))) 226 display_width = be32_to_cpu(*p); 227 if ((p = of_get_property(root, 228 "ibm,form-feed", NULL))) 229 form_feed = be32_to_cpu(*p); 230 if ((p = of_get_property(root, 231 "ibm,display-number-of-lines", NULL))) 232 display_lines = be32_to_cpu(*p); 233 row_width = of_get_property(root, 234 "ibm,display-truncation-length", NULL); 235 of_node_put(root); 236 } 237 display_character = rtas_token("display-character"); 238 set_indicator = rtas_token("set-indicator"); 239 } 240 241 if (display_character == RTAS_UNKNOWN_SERVICE) { 242 /* use hex display if available */ 243 if (set_indicator != RTAS_UNKNOWN_SERVICE) 244 rtas_call(set_indicator, 3, 1, NULL, 6, 0, hex); 245 return; 246 } 247 248 spin_lock(&progress_lock); 249 250 /* 251 * Last write ended with newline, but we didn't print it since 252 * it would just clear the bottom line of output. Print it now 253 * instead. 254 * 255 * If no newline is pending and form feed is supported, clear the 256 * display with a form feed; otherwise, print a CR to start output 257 * at the beginning of the line. 258 */ 259 if (pending_newline) { 260 rtas_call(display_character, 1, 1, NULL, '\r'); 261 rtas_call(display_character, 1, 1, NULL, '\n'); 262 pending_newline = 0; 263 } else { 264 current_line = 0; 265 if (form_feed) 266 rtas_call(display_character, 1, 1, NULL, 267 (char)form_feed); 268 else 269 rtas_call(display_character, 1, 1, NULL, '\r'); 270 } 271 272 if (row_width) 273 width = row_width[current_line]; 274 else 275 width = display_width; 276 os = s; 277 while (*os) { 278 if (*os == '\n' || *os == '\r') { 279 /* If newline is the last character, save it 280 * until next call to avoid bumping up the 281 * display output. 282 */ 283 if (*os == '\n' && !os[1]) { 284 pending_newline = 1; 285 current_line++; 286 if (current_line > display_lines-1) 287 current_line = display_lines-1; 288 spin_unlock(&progress_lock); 289 return; 290 } 291 292 /* RTAS wants CR-LF, not just LF */ 293 294 if (*os == '\n') { 295 rtas_call(display_character, 1, 1, NULL, '\r'); 296 rtas_call(display_character, 1, 1, NULL, '\n'); 297 } else { 298 /* CR might be used to re-draw a line, so we'll 299 * leave it alone and not add LF. 300 */ 301 rtas_call(display_character, 1, 1, NULL, *os); 302 } 303 304 if (row_width) 305 width = row_width[current_line]; 306 else 307 width = display_width; 308 } else { 309 width--; 310 rtas_call(display_character, 1, 1, NULL, *os); 311 } 312 313 os++; 314 315 /* if we overwrite the screen length */ 316 if (width <= 0) 317 while ((*os != 0) && (*os != '\n') && (*os != '\r')) 318 os++; 319 } 320 321 spin_unlock(&progress_lock); 322 } 323 EXPORT_SYMBOL(rtas_progress); /* needed by rtas_flash module */ 324 325 int rtas_token(const char *service) 326 { 327 const __be32 *tokp; 328 if (rtas.dev == NULL) 329 return RTAS_UNKNOWN_SERVICE; 330 tokp = of_get_property(rtas.dev, service, NULL); 331 return tokp ? be32_to_cpu(*tokp) : RTAS_UNKNOWN_SERVICE; 332 } 333 EXPORT_SYMBOL(rtas_token); 334 335 int rtas_service_present(const char *service) 336 { 337 return rtas_token(service) != RTAS_UNKNOWN_SERVICE; 338 } 339 EXPORT_SYMBOL(rtas_service_present); 340 341 #ifdef CONFIG_RTAS_ERROR_LOGGING 342 /* 343 * Return the firmware-specified size of the error log buffer 344 * for all rtas calls that require an error buffer argument. 345 * This includes 'check-exception' and 'rtas-last-error'. 346 */ 347 int rtas_get_error_log_max(void) 348 { 349 static int rtas_error_log_max; 350 if (rtas_error_log_max) 351 return rtas_error_log_max; 352 353 rtas_error_log_max = rtas_token ("rtas-error-log-max"); 354 if ((rtas_error_log_max == RTAS_UNKNOWN_SERVICE) || 355 (rtas_error_log_max > RTAS_ERROR_LOG_MAX)) { 356 printk (KERN_WARNING "RTAS: bad log buffer size %d\n", 357 rtas_error_log_max); 358 rtas_error_log_max = RTAS_ERROR_LOG_MAX; 359 } 360 return rtas_error_log_max; 361 } 362 EXPORT_SYMBOL(rtas_get_error_log_max); 363 364 365 static char rtas_err_buf[RTAS_ERROR_LOG_MAX]; 366 static int rtas_last_error_token; 367 368 /** Return a copy of the detailed error text associated with the 369 * most recent failed call to rtas. Because the error text 370 * might go stale if there are any other intervening rtas calls, 371 * this routine must be called atomically with whatever produced 372 * the error (i.e. with rtas.lock still held from the previous call). 373 */ 374 static char *__fetch_rtas_last_error(char *altbuf) 375 { 376 struct rtas_args err_args, save_args; 377 u32 bufsz; 378 char *buf = NULL; 379 380 if (rtas_last_error_token == -1) 381 return NULL; 382 383 bufsz = rtas_get_error_log_max(); 384 385 err_args.token = cpu_to_be32(rtas_last_error_token); 386 err_args.nargs = cpu_to_be32(2); 387 err_args.nret = cpu_to_be32(1); 388 err_args.args[0] = cpu_to_be32(__pa(rtas_err_buf)); 389 err_args.args[1] = cpu_to_be32(bufsz); 390 err_args.args[2] = 0; 391 392 save_args = rtas.args; 393 rtas.args = err_args; 394 395 do_enter_rtas(__pa(&rtas.args)); 396 397 err_args = rtas.args; 398 rtas.args = save_args; 399 400 /* Log the error in the unlikely case that there was one. */ 401 if (unlikely(err_args.args[2] == 0)) { 402 if (altbuf) { 403 buf = altbuf; 404 } else { 405 buf = rtas_err_buf; 406 if (slab_is_available()) 407 buf = kmalloc(RTAS_ERROR_LOG_MAX, GFP_ATOMIC); 408 } 409 if (buf) 410 memcpy(buf, rtas_err_buf, RTAS_ERROR_LOG_MAX); 411 } 412 413 return buf; 414 } 415 416 #define get_errorlog_buffer() kmalloc(RTAS_ERROR_LOG_MAX, GFP_KERNEL) 417 418 #else /* CONFIG_RTAS_ERROR_LOGGING */ 419 #define __fetch_rtas_last_error(x) NULL 420 #define get_errorlog_buffer() NULL 421 #endif 422 423 424 static void 425 va_rtas_call_unlocked(struct rtas_args *args, int token, int nargs, int nret, 426 va_list list) 427 { 428 int i; 429 430 args->token = cpu_to_be32(token); 431 args->nargs = cpu_to_be32(nargs); 432 args->nret = cpu_to_be32(nret); 433 args->rets = &(args->args[nargs]); 434 435 for (i = 0; i < nargs; ++i) 436 args->args[i] = cpu_to_be32(va_arg(list, __u32)); 437 438 for (i = 0; i < nret; ++i) 439 args->rets[i] = 0; 440 441 do_enter_rtas(__pa(args)); 442 } 443 444 void rtas_call_unlocked(struct rtas_args *args, int token, int nargs, int nret, ...) 445 { 446 va_list list; 447 448 va_start(list, nret); 449 va_rtas_call_unlocked(args, token, nargs, nret, list); 450 va_end(list); 451 } 452 453 int rtas_call(int token, int nargs, int nret, int *outputs, ...) 454 { 455 va_list list; 456 int i; 457 unsigned long s; 458 struct rtas_args *rtas_args; 459 char *buff_copy = NULL; 460 int ret; 461 462 if (!rtas.entry || token == RTAS_UNKNOWN_SERVICE) 463 return -1; 464 465 s = lock_rtas(); 466 467 /* We use the global rtas args buffer */ 468 rtas_args = &rtas.args; 469 470 va_start(list, outputs); 471 va_rtas_call_unlocked(rtas_args, token, nargs, nret, list); 472 va_end(list); 473 474 /* A -1 return code indicates that the last command couldn't 475 be completed due to a hardware error. */ 476 if (be32_to_cpu(rtas_args->rets[0]) == -1) 477 buff_copy = __fetch_rtas_last_error(NULL); 478 479 if (nret > 1 && outputs != NULL) 480 for (i = 0; i < nret-1; ++i) 481 outputs[i] = be32_to_cpu(rtas_args->rets[i+1]); 482 ret = (nret > 0)? be32_to_cpu(rtas_args->rets[0]): 0; 483 484 unlock_rtas(s); 485 486 if (buff_copy) { 487 log_error(buff_copy, ERR_TYPE_RTAS_LOG, 0); 488 if (slab_is_available()) 489 kfree(buff_copy); 490 } 491 return ret; 492 } 493 EXPORT_SYMBOL(rtas_call); 494 495 /* For RTAS_BUSY (-2), delay for 1 millisecond. For an extended busy status 496 * code of 990n, perform the hinted delay of 10^n (last digit) milliseconds. 497 */ 498 unsigned int rtas_busy_delay_time(int status) 499 { 500 int order; 501 unsigned int ms = 0; 502 503 if (status == RTAS_BUSY) { 504 ms = 1; 505 } else if (status >= RTAS_EXTENDED_DELAY_MIN && 506 status <= RTAS_EXTENDED_DELAY_MAX) { 507 order = status - RTAS_EXTENDED_DELAY_MIN; 508 for (ms = 1; order > 0; order--) 509 ms *= 10; 510 } 511 512 return ms; 513 } 514 EXPORT_SYMBOL(rtas_busy_delay_time); 515 516 /** 517 * rtas_busy_delay() - helper for RTAS busy and extended delay statuses 518 * 519 * @status: a value returned from rtas_call() or similar APIs which return 520 * the status of a RTAS function call. 521 * 522 * Context: Process context. May sleep or schedule. 523 * 524 * Return: 525 * * true - @status is RTAS_BUSY or an extended delay hint. The 526 * caller may assume that the CPU has been yielded if necessary, 527 * and that an appropriate delay for @status has elapsed. 528 * Generally the caller should reattempt the RTAS call which 529 * yielded @status. 530 * 531 * * false - @status is not @RTAS_BUSY nor an extended delay hint. The 532 * caller is responsible for handling @status. 533 */ 534 bool rtas_busy_delay(int status) 535 { 536 unsigned int ms; 537 bool ret; 538 539 switch (status) { 540 case RTAS_EXTENDED_DELAY_MIN...RTAS_EXTENDED_DELAY_MAX: 541 ret = true; 542 ms = rtas_busy_delay_time(status); 543 /* 544 * The extended delay hint can be as high as 100 seconds. 545 * Surely any function returning such a status is either 546 * buggy or isn't going to be significantly slowed by us 547 * polling at 1HZ. Clamp the sleep time to one second. 548 */ 549 ms = clamp(ms, 1U, 1000U); 550 /* 551 * The delay hint is an order-of-magnitude suggestion, not 552 * a minimum. It is fine, possibly even advantageous, for 553 * us to pause for less time than hinted. For small values, 554 * use usleep_range() to ensure we don't sleep much longer 555 * than actually needed. 556 * 557 * See Documentation/timers/timers-howto.rst for 558 * explanation of the threshold used here. In effect we use 559 * usleep_range() for 9900 and 9901, msleep() for 560 * 9902-9905. 561 */ 562 if (ms <= 20) 563 usleep_range(ms * 100, ms * 1000); 564 else 565 msleep(ms); 566 break; 567 case RTAS_BUSY: 568 ret = true; 569 /* 570 * We should call again immediately if there's no other 571 * work to do. 572 */ 573 cond_resched(); 574 break; 575 default: 576 ret = false; 577 /* 578 * Not a busy or extended delay status; the caller should 579 * handle @status itself. Ensure we warn on misuses in 580 * atomic context regardless. 581 */ 582 might_sleep(); 583 break; 584 } 585 586 return ret; 587 } 588 EXPORT_SYMBOL(rtas_busy_delay); 589 590 static int rtas_error_rc(int rtas_rc) 591 { 592 int rc; 593 594 switch (rtas_rc) { 595 case -1: /* Hardware Error */ 596 rc = -EIO; 597 break; 598 case -3: /* Bad indicator/domain/etc */ 599 rc = -EINVAL; 600 break; 601 case -9000: /* Isolation error */ 602 rc = -EFAULT; 603 break; 604 case -9001: /* Outstanding TCE/PTE */ 605 rc = -EEXIST; 606 break; 607 case -9002: /* No usable slot */ 608 rc = -ENODEV; 609 break; 610 default: 611 printk(KERN_ERR "%s: unexpected RTAS error %d\n", 612 __func__, rtas_rc); 613 rc = -ERANGE; 614 break; 615 } 616 return rc; 617 } 618 619 int rtas_get_power_level(int powerdomain, int *level) 620 { 621 int token = rtas_token("get-power-level"); 622 int rc; 623 624 if (token == RTAS_UNKNOWN_SERVICE) 625 return -ENOENT; 626 627 while ((rc = rtas_call(token, 1, 2, level, powerdomain)) == RTAS_BUSY) 628 udelay(1); 629 630 if (rc < 0) 631 return rtas_error_rc(rc); 632 return rc; 633 } 634 EXPORT_SYMBOL(rtas_get_power_level); 635 636 int rtas_set_power_level(int powerdomain, int level, int *setlevel) 637 { 638 int token = rtas_token("set-power-level"); 639 int rc; 640 641 if (token == RTAS_UNKNOWN_SERVICE) 642 return -ENOENT; 643 644 do { 645 rc = rtas_call(token, 2, 2, setlevel, powerdomain, level); 646 } while (rtas_busy_delay(rc)); 647 648 if (rc < 0) 649 return rtas_error_rc(rc); 650 return rc; 651 } 652 EXPORT_SYMBOL(rtas_set_power_level); 653 654 int rtas_get_sensor(int sensor, int index, int *state) 655 { 656 int token = rtas_token("get-sensor-state"); 657 int rc; 658 659 if (token == RTAS_UNKNOWN_SERVICE) 660 return -ENOENT; 661 662 do { 663 rc = rtas_call(token, 2, 2, state, sensor, index); 664 } while (rtas_busy_delay(rc)); 665 666 if (rc < 0) 667 return rtas_error_rc(rc); 668 return rc; 669 } 670 EXPORT_SYMBOL(rtas_get_sensor); 671 672 int rtas_get_sensor_fast(int sensor, int index, int *state) 673 { 674 int token = rtas_token("get-sensor-state"); 675 int rc; 676 677 if (token == RTAS_UNKNOWN_SERVICE) 678 return -ENOENT; 679 680 rc = rtas_call(token, 2, 2, state, sensor, index); 681 WARN_ON(rc == RTAS_BUSY || (rc >= RTAS_EXTENDED_DELAY_MIN && 682 rc <= RTAS_EXTENDED_DELAY_MAX)); 683 684 if (rc < 0) 685 return rtas_error_rc(rc); 686 return rc; 687 } 688 689 bool rtas_indicator_present(int token, int *maxindex) 690 { 691 int proplen, count, i; 692 const struct indicator_elem { 693 __be32 token; 694 __be32 maxindex; 695 } *indicators; 696 697 indicators = of_get_property(rtas.dev, "rtas-indicators", &proplen); 698 if (!indicators) 699 return false; 700 701 count = proplen / sizeof(struct indicator_elem); 702 703 for (i = 0; i < count; i++) { 704 if (__be32_to_cpu(indicators[i].token) != token) 705 continue; 706 if (maxindex) 707 *maxindex = __be32_to_cpu(indicators[i].maxindex); 708 return true; 709 } 710 711 return false; 712 } 713 EXPORT_SYMBOL(rtas_indicator_present); 714 715 int rtas_set_indicator(int indicator, int index, int new_value) 716 { 717 int token = rtas_token("set-indicator"); 718 int rc; 719 720 if (token == RTAS_UNKNOWN_SERVICE) 721 return -ENOENT; 722 723 do { 724 rc = rtas_call(token, 3, 1, NULL, indicator, index, new_value); 725 } while (rtas_busy_delay(rc)); 726 727 if (rc < 0) 728 return rtas_error_rc(rc); 729 return rc; 730 } 731 EXPORT_SYMBOL(rtas_set_indicator); 732 733 /* 734 * Ignoring RTAS extended delay 735 */ 736 int rtas_set_indicator_fast(int indicator, int index, int new_value) 737 { 738 int rc; 739 int token = rtas_token("set-indicator"); 740 741 if (token == RTAS_UNKNOWN_SERVICE) 742 return -ENOENT; 743 744 rc = rtas_call(token, 3, 1, NULL, indicator, index, new_value); 745 746 WARN_ON(rc == RTAS_BUSY || (rc >= RTAS_EXTENDED_DELAY_MIN && 747 rc <= RTAS_EXTENDED_DELAY_MAX)); 748 749 if (rc < 0) 750 return rtas_error_rc(rc); 751 752 return rc; 753 } 754 755 /** 756 * rtas_ibm_suspend_me() - Call ibm,suspend-me to suspend the LPAR. 757 * 758 * @fw_status: RTAS call status will be placed here if not NULL. 759 * 760 * rtas_ibm_suspend_me() should be called only on a CPU which has 761 * received H_CONTINUE from the H_JOIN hcall. All other active CPUs 762 * should be waiting to return from H_JOIN. 763 * 764 * rtas_ibm_suspend_me() may suspend execution of the OS 765 * indefinitely. Callers should take appropriate measures upon return, such as 766 * resetting watchdog facilities. 767 * 768 * Callers may choose to retry this call if @fw_status is 769 * %RTAS_THREADS_ACTIVE. 770 * 771 * Return: 772 * 0 - The partition has resumed from suspend, possibly after 773 * migration to a different host. 774 * -ECANCELED - The operation was aborted. 775 * -EAGAIN - There were other CPUs not in H_JOIN at the time of the call. 776 * -EBUSY - Some other condition prevented the suspend from succeeding. 777 * -EIO - Hardware/platform error. 778 */ 779 int rtas_ibm_suspend_me(int *fw_status) 780 { 781 int fwrc; 782 int ret; 783 784 fwrc = rtas_call(rtas_token("ibm,suspend-me"), 0, 1, NULL); 785 786 switch (fwrc) { 787 case 0: 788 ret = 0; 789 break; 790 case RTAS_SUSPEND_ABORTED: 791 ret = -ECANCELED; 792 break; 793 case RTAS_THREADS_ACTIVE: 794 ret = -EAGAIN; 795 break; 796 case RTAS_NOT_SUSPENDABLE: 797 case RTAS_OUTSTANDING_COPROC: 798 ret = -EBUSY; 799 break; 800 case -1: 801 default: 802 ret = -EIO; 803 break; 804 } 805 806 if (fw_status) 807 *fw_status = fwrc; 808 809 return ret; 810 } 811 812 void __noreturn rtas_restart(char *cmd) 813 { 814 if (rtas_flash_term_hook) 815 rtas_flash_term_hook(SYS_RESTART); 816 printk("RTAS system-reboot returned %d\n", 817 rtas_call(rtas_token("system-reboot"), 0, 1, NULL)); 818 for (;;); 819 } 820 821 void rtas_power_off(void) 822 { 823 if (rtas_flash_term_hook) 824 rtas_flash_term_hook(SYS_POWER_OFF); 825 /* allow power on only with power button press */ 826 printk("RTAS power-off returned %d\n", 827 rtas_call(rtas_token("power-off"), 2, 1, NULL, -1, -1)); 828 for (;;); 829 } 830 831 void __noreturn rtas_halt(void) 832 { 833 if (rtas_flash_term_hook) 834 rtas_flash_term_hook(SYS_HALT); 835 /* allow power on only with power button press */ 836 printk("RTAS power-off returned %d\n", 837 rtas_call(rtas_token("power-off"), 2, 1, NULL, -1, -1)); 838 for (;;); 839 } 840 841 /* Must be in the RMO region, so we place it here */ 842 static char rtas_os_term_buf[2048]; 843 844 void rtas_os_term(char *str) 845 { 846 int status; 847 848 /* 849 * Firmware with the ibm,extended-os-term property is guaranteed 850 * to always return from an ibm,os-term call. Earlier versions without 851 * this property may terminate the partition which we want to avoid 852 * since it interferes with panic_timeout. 853 */ 854 if (RTAS_UNKNOWN_SERVICE == rtas_token("ibm,os-term") || 855 RTAS_UNKNOWN_SERVICE == rtas_token("ibm,extended-os-term")) 856 return; 857 858 snprintf(rtas_os_term_buf, 2048, "OS panic: %s", str); 859 860 do { 861 status = rtas_call(rtas_token("ibm,os-term"), 1, 1, NULL, 862 __pa(rtas_os_term_buf)); 863 } while (rtas_busy_delay(status)); 864 865 if (status != 0) 866 printk(KERN_EMERG "ibm,os-term call failed %d\n", status); 867 } 868 869 /** 870 * rtas_activate_firmware() - Activate a new version of firmware. 871 * 872 * Context: This function may sleep. 873 * 874 * Activate a new version of partition firmware. The OS must call this 875 * after resuming from a partition hibernation or migration in order 876 * to maintain the ability to perform live firmware updates. It's not 877 * catastrophic for this method to be absent or to fail; just log the 878 * condition in that case. 879 */ 880 void rtas_activate_firmware(void) 881 { 882 int token; 883 int fwrc; 884 885 token = rtas_token("ibm,activate-firmware"); 886 if (token == RTAS_UNKNOWN_SERVICE) { 887 pr_notice("ibm,activate-firmware method unavailable\n"); 888 return; 889 } 890 891 do { 892 fwrc = rtas_call(token, 0, 1, NULL); 893 } while (rtas_busy_delay(fwrc)); 894 895 if (fwrc) 896 pr_err("ibm,activate-firmware failed (%i)\n", fwrc); 897 } 898 899 #ifdef CONFIG_PPC_PSERIES 900 /** 901 * rtas_call_reentrant() - Used for reentrant rtas calls 902 * @token: Token for desired reentrant RTAS call 903 * @nargs: Number of Input Parameters 904 * @nret: Number of Output Parameters 905 * @outputs: Array of outputs 906 * @...: Inputs for desired RTAS call 907 * 908 * According to LoPAR documentation, only "ibm,int-on", "ibm,int-off", 909 * "ibm,get-xive" and "ibm,set-xive" are currently reentrant. 910 * Reentrant calls need their own rtas_args buffer, so not using rtas.args, but 911 * PACA one instead. 912 * 913 * Return: -1 on error, 914 * First output value of RTAS call if (nret > 0), 915 * 0 otherwise, 916 */ 917 int rtas_call_reentrant(int token, int nargs, int nret, int *outputs, ...) 918 { 919 va_list list; 920 struct rtas_args *args; 921 unsigned long flags; 922 int i, ret = 0; 923 924 if (!rtas.entry || token == RTAS_UNKNOWN_SERVICE) 925 return -1; 926 927 local_irq_save(flags); 928 preempt_disable(); 929 930 /* We use the per-cpu (PACA) rtas args buffer */ 931 args = local_paca->rtas_args_reentrant; 932 933 va_start(list, outputs); 934 va_rtas_call_unlocked(args, token, nargs, nret, list); 935 va_end(list); 936 937 if (nret > 1 && outputs) 938 for (i = 0; i < nret - 1; ++i) 939 outputs[i] = be32_to_cpu(args->rets[i + 1]); 940 941 if (nret > 0) 942 ret = be32_to_cpu(args->rets[0]); 943 944 local_irq_restore(flags); 945 preempt_enable(); 946 947 return ret; 948 } 949 950 #endif /* CONFIG_PPC_PSERIES */ 951 952 /** 953 * get_pseries_errorlog() - Find a specific pseries error log in an RTAS 954 * extended event log. 955 * @log: RTAS error/event log 956 * @section_id: two character section identifier 957 * 958 * Return: A pointer to the specified errorlog or NULL if not found. 959 */ 960 struct pseries_errorlog *get_pseries_errorlog(struct rtas_error_log *log, 961 uint16_t section_id) 962 { 963 struct rtas_ext_event_log_v6 *ext_log = 964 (struct rtas_ext_event_log_v6 *)log->buffer; 965 struct pseries_errorlog *sect; 966 unsigned char *p, *log_end; 967 uint32_t ext_log_length = rtas_error_extended_log_length(log); 968 uint8_t log_format = rtas_ext_event_log_format(ext_log); 969 uint32_t company_id = rtas_ext_event_company_id(ext_log); 970 971 /* Check that we understand the format */ 972 if (ext_log_length < sizeof(struct rtas_ext_event_log_v6) || 973 log_format != RTAS_V6EXT_LOG_FORMAT_EVENT_LOG || 974 company_id != RTAS_V6EXT_COMPANY_ID_IBM) 975 return NULL; 976 977 log_end = log->buffer + ext_log_length; 978 p = ext_log->vendor_log; 979 980 while (p < log_end) { 981 sect = (struct pseries_errorlog *)p; 982 if (pseries_errorlog_id(sect) == section_id) 983 return sect; 984 p += pseries_errorlog_length(sect); 985 } 986 987 return NULL; 988 } 989 990 #ifdef CONFIG_PPC_RTAS_FILTER 991 992 /* 993 * The sys_rtas syscall, as originally designed, allows root to pass 994 * arbitrary physical addresses to RTAS calls. A number of RTAS calls 995 * can be abused to write to arbitrary memory and do other things that 996 * are potentially harmful to system integrity, and thus should only 997 * be used inside the kernel and not exposed to userspace. 998 * 999 * All known legitimate users of the sys_rtas syscall will only ever 1000 * pass addresses that fall within the RMO buffer, and use a known 1001 * subset of RTAS calls. 1002 * 1003 * Accordingly, we filter RTAS requests to check that the call is 1004 * permitted, and that provided pointers fall within the RMO buffer. 1005 * The rtas_filters list contains an entry for each permitted call, 1006 * with the indexes of the parameters which are expected to contain 1007 * addresses and sizes of buffers allocated inside the RMO buffer. 1008 */ 1009 struct rtas_filter { 1010 const char *name; 1011 int token; 1012 /* Indexes into the args buffer, -1 if not used */ 1013 int buf_idx1; 1014 int size_idx1; 1015 int buf_idx2; 1016 int size_idx2; 1017 1018 int fixed_size; 1019 }; 1020 1021 static struct rtas_filter rtas_filters[] __ro_after_init = { 1022 { "ibm,activate-firmware", -1, -1, -1, -1, -1 }, 1023 { "ibm,configure-connector", -1, 0, -1, 1, -1, 4096 }, /* Special cased */ 1024 { "display-character", -1, -1, -1, -1, -1 }, 1025 { "ibm,display-message", -1, 0, -1, -1, -1 }, 1026 { "ibm,errinjct", -1, 2, -1, -1, -1, 1024 }, 1027 { "ibm,close-errinjct", -1, -1, -1, -1, -1 }, 1028 { "ibm,open-errinjct", -1, -1, -1, -1, -1 }, 1029 { "ibm,get-config-addr-info2", -1, -1, -1, -1, -1 }, 1030 { "ibm,get-dynamic-sensor-state", -1, 1, -1, -1, -1 }, 1031 { "ibm,get-indices", -1, 2, 3, -1, -1 }, 1032 { "get-power-level", -1, -1, -1, -1, -1 }, 1033 { "get-sensor-state", -1, -1, -1, -1, -1 }, 1034 { "ibm,get-system-parameter", -1, 1, 2, -1, -1 }, 1035 { "get-time-of-day", -1, -1, -1, -1, -1 }, 1036 { "ibm,get-vpd", -1, 0, -1, 1, 2 }, 1037 { "ibm,lpar-perftools", -1, 2, 3, -1, -1 }, 1038 { "ibm,platform-dump", -1, 4, 5, -1, -1 }, 1039 { "ibm,read-slot-reset-state", -1, -1, -1, -1, -1 }, 1040 { "ibm,scan-log-dump", -1, 0, 1, -1, -1 }, 1041 { "ibm,set-dynamic-indicator", -1, 2, -1, -1, -1 }, 1042 { "ibm,set-eeh-option", -1, -1, -1, -1, -1 }, 1043 { "set-indicator", -1, -1, -1, -1, -1 }, 1044 { "set-power-level", -1, -1, -1, -1, -1 }, 1045 { "set-time-for-power-on", -1, -1, -1, -1, -1 }, 1046 { "ibm,set-system-parameter", -1, 1, -1, -1, -1 }, 1047 { "set-time-of-day", -1, -1, -1, -1, -1 }, 1048 #ifdef CONFIG_CPU_BIG_ENDIAN 1049 { "ibm,suspend-me", -1, -1, -1, -1, -1 }, 1050 { "ibm,update-nodes", -1, 0, -1, -1, -1, 4096 }, 1051 { "ibm,update-properties", -1, 0, -1, -1, -1, 4096 }, 1052 #endif 1053 { "ibm,physical-attestation", -1, 0, 1, -1, -1 }, 1054 }; 1055 1056 static bool in_rmo_buf(u32 base, u32 end) 1057 { 1058 return base >= rtas_rmo_buf && 1059 base < (rtas_rmo_buf + RTAS_USER_REGION_SIZE) && 1060 base <= end && 1061 end >= rtas_rmo_buf && 1062 end < (rtas_rmo_buf + RTAS_USER_REGION_SIZE); 1063 } 1064 1065 static bool block_rtas_call(int token, int nargs, 1066 struct rtas_args *args) 1067 { 1068 int i; 1069 1070 for (i = 0; i < ARRAY_SIZE(rtas_filters); i++) { 1071 struct rtas_filter *f = &rtas_filters[i]; 1072 u32 base, size, end; 1073 1074 if (token != f->token) 1075 continue; 1076 1077 if (f->buf_idx1 != -1) { 1078 base = be32_to_cpu(args->args[f->buf_idx1]); 1079 if (f->size_idx1 != -1) 1080 size = be32_to_cpu(args->args[f->size_idx1]); 1081 else if (f->fixed_size) 1082 size = f->fixed_size; 1083 else 1084 size = 1; 1085 1086 end = base + size - 1; 1087 if (!in_rmo_buf(base, end)) 1088 goto err; 1089 } 1090 1091 if (f->buf_idx2 != -1) { 1092 base = be32_to_cpu(args->args[f->buf_idx2]); 1093 if (f->size_idx2 != -1) 1094 size = be32_to_cpu(args->args[f->size_idx2]); 1095 else if (f->fixed_size) 1096 size = f->fixed_size; 1097 else 1098 size = 1; 1099 end = base + size - 1; 1100 1101 /* 1102 * Special case for ibm,configure-connector where the 1103 * address can be 0 1104 */ 1105 if (!strcmp(f->name, "ibm,configure-connector") && 1106 base == 0) 1107 return false; 1108 1109 if (!in_rmo_buf(base, end)) 1110 goto err; 1111 } 1112 1113 return false; 1114 } 1115 1116 err: 1117 pr_err_ratelimited("sys_rtas: RTAS call blocked - exploit attempt?\n"); 1118 pr_err_ratelimited("sys_rtas: token=0x%x, nargs=%d (called by %s)\n", 1119 token, nargs, current->comm); 1120 return true; 1121 } 1122 1123 static void __init rtas_syscall_filter_init(void) 1124 { 1125 unsigned int i; 1126 1127 for (i = 0; i < ARRAY_SIZE(rtas_filters); i++) 1128 rtas_filters[i].token = rtas_token(rtas_filters[i].name); 1129 } 1130 1131 #else 1132 1133 static bool block_rtas_call(int token, int nargs, 1134 struct rtas_args *args) 1135 { 1136 return false; 1137 } 1138 1139 static void __init rtas_syscall_filter_init(void) 1140 { 1141 } 1142 1143 #endif /* CONFIG_PPC_RTAS_FILTER */ 1144 1145 /* We assume to be passed big endian arguments */ 1146 SYSCALL_DEFINE1(rtas, struct rtas_args __user *, uargs) 1147 { 1148 struct rtas_args args; 1149 unsigned long flags; 1150 char *buff_copy, *errbuf = NULL; 1151 int nargs, nret, token; 1152 1153 if (!capable(CAP_SYS_ADMIN)) 1154 return -EPERM; 1155 1156 if (!rtas.entry) 1157 return -EINVAL; 1158 1159 if (copy_from_user(&args, uargs, 3 * sizeof(u32)) != 0) 1160 return -EFAULT; 1161 1162 nargs = be32_to_cpu(args.nargs); 1163 nret = be32_to_cpu(args.nret); 1164 token = be32_to_cpu(args.token); 1165 1166 if (nargs >= ARRAY_SIZE(args.args) 1167 || nret > ARRAY_SIZE(args.args) 1168 || nargs + nret > ARRAY_SIZE(args.args)) 1169 return -EINVAL; 1170 1171 /* Copy in args. */ 1172 if (copy_from_user(args.args, uargs->args, 1173 nargs * sizeof(rtas_arg_t)) != 0) 1174 return -EFAULT; 1175 1176 if (token == RTAS_UNKNOWN_SERVICE) 1177 return -EINVAL; 1178 1179 args.rets = &args.args[nargs]; 1180 memset(args.rets, 0, nret * sizeof(rtas_arg_t)); 1181 1182 if (block_rtas_call(token, nargs, &args)) 1183 return -EINVAL; 1184 1185 /* Need to handle ibm,suspend_me call specially */ 1186 if (token == rtas_token("ibm,suspend-me")) { 1187 1188 /* 1189 * rtas_ibm_suspend_me assumes the streamid handle is in cpu 1190 * endian, or at least the hcall within it requires it. 1191 */ 1192 int rc = 0; 1193 u64 handle = ((u64)be32_to_cpu(args.args[0]) << 32) 1194 | be32_to_cpu(args.args[1]); 1195 rc = rtas_syscall_dispatch_ibm_suspend_me(handle); 1196 if (rc == -EAGAIN) 1197 args.rets[0] = cpu_to_be32(RTAS_NOT_SUSPENDABLE); 1198 else if (rc == -EIO) 1199 args.rets[0] = cpu_to_be32(-1); 1200 else if (rc) 1201 return rc; 1202 goto copy_return; 1203 } 1204 1205 buff_copy = get_errorlog_buffer(); 1206 1207 flags = lock_rtas(); 1208 1209 rtas.args = args; 1210 do_enter_rtas(__pa(&rtas.args)); 1211 args = rtas.args; 1212 1213 /* A -1 return code indicates that the last command couldn't 1214 be completed due to a hardware error. */ 1215 if (be32_to_cpu(args.rets[0]) == -1) 1216 errbuf = __fetch_rtas_last_error(buff_copy); 1217 1218 unlock_rtas(flags); 1219 1220 if (buff_copy) { 1221 if (errbuf) 1222 log_error(errbuf, ERR_TYPE_RTAS_LOG, 0); 1223 kfree(buff_copy); 1224 } 1225 1226 copy_return: 1227 /* Copy out args. */ 1228 if (copy_to_user(uargs->args + nargs, 1229 args.args + nargs, 1230 nret * sizeof(rtas_arg_t)) != 0) 1231 return -EFAULT; 1232 1233 return 0; 1234 } 1235 1236 /* 1237 * Call early during boot, before mem init, to retrieve the RTAS 1238 * information from the device-tree and allocate the RMO buffer for userland 1239 * accesses. 1240 */ 1241 void __init rtas_initialize(void) 1242 { 1243 unsigned long rtas_region = RTAS_INSTANTIATE_MAX; 1244 u32 base, size, entry; 1245 int no_base, no_size, no_entry; 1246 1247 /* Get RTAS dev node and fill up our "rtas" structure with infos 1248 * about it. 1249 */ 1250 rtas.dev = of_find_node_by_name(NULL, "rtas"); 1251 if (!rtas.dev) 1252 return; 1253 1254 no_base = of_property_read_u32(rtas.dev, "linux,rtas-base", &base); 1255 no_size = of_property_read_u32(rtas.dev, "rtas-size", &size); 1256 if (no_base || no_size) { 1257 of_node_put(rtas.dev); 1258 rtas.dev = NULL; 1259 return; 1260 } 1261 1262 rtas.base = base; 1263 rtas.size = size; 1264 no_entry = of_property_read_u32(rtas.dev, "linux,rtas-entry", &entry); 1265 rtas.entry = no_entry ? rtas.base : entry; 1266 1267 /* If RTAS was found, allocate the RMO buffer for it and look for 1268 * the stop-self token if any 1269 */ 1270 #ifdef CONFIG_PPC64 1271 if (firmware_has_feature(FW_FEATURE_LPAR)) 1272 rtas_region = min(ppc64_rma_size, RTAS_INSTANTIATE_MAX); 1273 #endif 1274 rtas_rmo_buf = memblock_phys_alloc_range(RTAS_USER_REGION_SIZE, PAGE_SIZE, 1275 0, rtas_region); 1276 if (!rtas_rmo_buf) 1277 panic("ERROR: RTAS: Failed to allocate %lx bytes below %pa\n", 1278 PAGE_SIZE, &rtas_region); 1279 1280 #ifdef CONFIG_RTAS_ERROR_LOGGING 1281 rtas_last_error_token = rtas_token("rtas-last-error"); 1282 #endif 1283 1284 rtas_syscall_filter_init(); 1285 } 1286 1287 int __init early_init_dt_scan_rtas(unsigned long node, 1288 const char *uname, int depth, void *data) 1289 { 1290 const u32 *basep, *entryp, *sizep; 1291 1292 if (depth != 1 || strcmp(uname, "rtas") != 0) 1293 return 0; 1294 1295 basep = of_get_flat_dt_prop(node, "linux,rtas-base", NULL); 1296 entryp = of_get_flat_dt_prop(node, "linux,rtas-entry", NULL); 1297 sizep = of_get_flat_dt_prop(node, "rtas-size", NULL); 1298 1299 if (basep && entryp && sizep) { 1300 rtas.base = *basep; 1301 rtas.entry = *entryp; 1302 rtas.size = *sizep; 1303 } 1304 1305 #ifdef CONFIG_UDBG_RTAS_CONSOLE 1306 basep = of_get_flat_dt_prop(node, "put-term-char", NULL); 1307 if (basep) 1308 rtas_putchar_token = *basep; 1309 1310 basep = of_get_flat_dt_prop(node, "get-term-char", NULL); 1311 if (basep) 1312 rtas_getchar_token = *basep; 1313 1314 if (rtas_putchar_token != RTAS_UNKNOWN_SERVICE && 1315 rtas_getchar_token != RTAS_UNKNOWN_SERVICE) 1316 udbg_init_rtas_console(); 1317 1318 #endif 1319 1320 /* break now */ 1321 return 1; 1322 } 1323 1324 static arch_spinlock_t timebase_lock; 1325 static u64 timebase = 0; 1326 1327 void rtas_give_timebase(void) 1328 { 1329 unsigned long flags; 1330 1331 local_irq_save(flags); 1332 hard_irq_disable(); 1333 arch_spin_lock(&timebase_lock); 1334 rtas_call(rtas_token("freeze-time-base"), 0, 1, NULL); 1335 timebase = get_tb(); 1336 arch_spin_unlock(&timebase_lock); 1337 1338 while (timebase) 1339 barrier(); 1340 rtas_call(rtas_token("thaw-time-base"), 0, 1, NULL); 1341 local_irq_restore(flags); 1342 } 1343 1344 void rtas_take_timebase(void) 1345 { 1346 while (!timebase) 1347 barrier(); 1348 arch_spin_lock(&timebase_lock); 1349 set_tb(timebase >> 32, timebase & 0xffffffff); 1350 timebase = 0; 1351 arch_spin_unlock(&timebase_lock); 1352 } 1353